On Thu, Mar 25, 1999 at 11:19:21AM +0000, Charles Lindsey wrote:
b) Mail has pretty fully moved to MIME support.
And we are pushing News in the same direction. But please note:
I AM NOT TRYING TO PROPOSE HEADER SIGNING AS THE NORMAL AUTHENTICATION
METHOD FOR USENET. That is your interpretation, not supported by others. I
am proposing it for specific applications (newgroups, cancels, etc, with
more to follow when demand arises). I am quite content for it to coexist
with existing MIME-based methods.
It would be pointless complexity to have multiple signing systems for
multiple types of messages. We want to specify how to sign "articles" and
how to certify what articles do. Control messages are just one type of
article.
No. The requirements of mail and news are similar here. You do not want
too many methods in either medium - you want standardised methods
supported by many agents in both cases to promote the maximum
interoperability. But OTOH "not too many" does NOT equate with "only one".
No, with mail, if I send you a message signed with S/MIME, all I need to know
is that *you* support S/MIME, no matter what the rest of the net does.
If I post a message to USENET, everybody on the net has to be able to handle
the method I use (if they want to be able to verify my signature.) If you
have two methods to sign, then everybody on the net has to support them.